71f2025284de298b6d0d1b9c17bf2909_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71f2025284de298b6d0d1b9c17bf2909_JaffaCakes118
Size

505KB
MD5

71f2025284de298b6d0d1b9c17bf2909
SHA1

8cf8e3a37beb8ef3c2ed7e91bb1215be65e22027
SHA256

7c9223b7d94ca50fdc47c3ea8552ddc676b506863559471e057eb676d15a43dc
SHA512

f35d57b86ee2ec8c96803ffb48e715f7d913ceb2caad40aa1265084e90f87558a1300d7779de577497ea2b0023a6f53577bfe6df1106f790bfabddbe5fdceda0
SSDEEP

6144:yQVhbbM5QYwmq4ZSV4UvImDTRo8dwRsxei3cqktww5ty3dMwWSC/7XQBVYfcHUG:yiNM5vwf/uqTRo0wTtwwfy+IOXrf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f2025284de298b6d0d1b9c17bf2909_JaffaCakes118

Files

71f2025284de298b6d0d1b9c17bf2909_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2930a9159a7834d8961a16b8f0f745a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
OpenProcess
GetModuleFileNameA
GetModuleHandleA
SetProcessShutdownParameters
TerminateThread
GetExitCodeThread
ReleaseMutex
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
LCMapStringW
WriteConsoleA
MultiByteToWideChar
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
WideCharToMultiByte
ReadFile
HeapSize
SetLastError
HeapReAlloc
DeleteFileA
MoveFileA
GetVersion
GetCommandLineA
GetStartupInfoA
GetFileType
SetStdHandle
TerminateProcess
ExitProcess
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
ExitThread
CreateThread
RaiseException
GetLocalTime
GetTimeZoneInformation
RtlUnwind
OutputDebugStringA
WriteFile
MoveFileExA
CreateFileA
SetFilePointer
SetEndOfFile
AllocConsole
GetStdHandle
CreateMutexA
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
GetComputerNameA
GetCurrentProcessId
GetSystemTime
Sleep
TlsGetValue
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
CloseHandle
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObject
GetLastError
LeaveCriticalSection
FileTimeToSystemTime
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
LCMapStringA
GetSystemTimeAsFileTime

user32

MessageBoxA
ReleaseDC
GetDC
DialogBoxParamA
EndDialog
SetForegroundWindow
SetDlgItemTextA
SetWindowLongA
GetWindowLongA
MessageBeep
SetTimer
keybd_event
GetKeyboardState
mouse_event
GetSystemMetrics
GetThreadDesktop
SetFocus
GetDlgItem
GetDlgItemTextA
RegisterWindowMessageA
GetWindowRect
GetClassNameA
DispatchMessageA
WaitMessage
WindowFromPoint
GetCursorPos
PostThreadMessageA
TranslateMessage
GetMessageA
GetForegroundWindow
OpenInputDesktop
SetThreadDesktop
GetProcessWindowStation
GetUserObjectInformationA
ExitWindowsEx
IsDlgButtonChecked
EnableWindow
GetWindowTextA
SetWindowTextA
SetWindowPos
CallWindowProcA
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
LoadStringA
EnableMenuItem
DestroyMenu
LoadMenuA
PeekMessageA
PostMessageA
DestroyWindow
VkKeyScanA
MapVirtualKeyA
ChangeClipboardChain
KillTimer
FindWindowA
SystemParametersInfoA
CloseDesktop
EnumDesktopWindows
GetAsyncKeyState
LoadIconA
GetClientRect
MoveWindow
SendDlgItemMessageA
GetClipboardOwner
GetClipboardData
SendMessageA
DefWindowProcA
PostQuitMessage
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
LoadCursorA
RegisterClassExA
CreateWindowExA
SetClipboardViewer
OpenDesktopA

gdi32

GdiFlush
BitBlt
CreateDIBSection
GetStockObject
CreatePalette
SelectPalette
RealizePalette
DeleteObject
DeleteDC
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
SetDIBColorTable
GetSystemPaletteEntries
SelectObject

wsock32

getsockname
setsockopt
WSAStartup
WSACleanup
socket
closesocket
ntohs
gethostbyname
getservbyname
getsockopt
select
__WSAFDIsSet
recvfrom
ntohl
WSAGetLastError
recv
send
shutdown
getpeername
accept
listen
ioctlsocket
connect
htons
htonl
bind
inet_addr

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

advapi32

ImpersonateLoggedOnUser
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
RegOpenKeyA
RegDeleteValueA
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegisterServiceCtrlHandlerA
RegSetValueExA
GetUserNameA
RevertToSelf
OpenProcessToken
StartServiceCtrlDispatcherA

ole32

CoCreateInstance
CoInitialize

comctl32

InitCommonControlsEx

windeskspy

SetHooks
UnSetHooks
SetKeyboardFilterHook
SetMouseFilterHook

iphlpapi

GetAdaptersInfo

Sections

.avp
Size: 400KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 50KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2930a9159a7834d8961a16b8f0f745a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

shell32

advapi32

ole32

comctl32

windeskspy

iphlpapi

Sections

.avp Size: 400KB - Virtual size: 404KB

.avp Size: 12KB - Virtual size: 16KB

.avp Size: 50KB - Virtual size: 64KB

.avp Size: 41KB - Virtual size: 44KB

.avp
Size: 400KB - Virtual size: 404KB

.avp
Size: 12KB - Virtual size: 16KB

.avp
Size: 50KB - Virtual size: 64KB

.avp
Size: 41KB - Virtual size: 44KB